That said, the security issue wasn't really the fault of OwnCloud. They use a Microsoft library, which itself included a further library. That downstream library had the security issue. Unfortunately, it happened to interact especially badly with the containerized version of OwnCloud.

That kind of downstream security issue can bite any project. I don't blame OwnCloud in the slightest, and they were very quick to acknowledge the problem and post the solution.